Apparently GNUPG has recently added elliptic curve support. This is really
important, since the safe RSA key size (2048) is pretty big, and the very
safe RSA key size (2048) is a bit too big to be reasonable (you can't
include it in a signature, for example).

Unfortunately, it looks like the OpenPGP standard specifies the
NSA-produced elliptic curves. Given the recent situation with Dual_EC_DRBG,
NSA-produced standards are suspect, especially with suspicious constants
like the standard elliptic curves have.

DJB has analyzed the available elliptic curves and recommended some that he
expects to be reasonably safe at http://safecurves.cr.yp.to .

Does anyone know the status on the inclusion of secure ECC in gnupg?

Thanks,

-- Nat
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users